I'm installing tomcat using yum package manager, but I want to run the service under different user (not tomcat).
Is there an easy way to do that on installation or am I always forced to change owner of all directories, service etc.?
If tomcat is managed by systemd, you can add a custom file /etc/systemd/system/tomcat.service.d/custom-user.conf containing just the following lines
[Service]
User=myUser
For older OSes you should be able to do it by setting the TOMCAT_USER variable in /etc/sysconfig/tomcat.
This is an extra configuration of course. It's not possible to modify a rpm-provided configuration file without rebuilding the rpm. If you have an internal yum repository you can build a rpm package providing this file but I think the easier way is using a configuration management tool like ansible or saltstack.
I have installed a version (0.12.24) of Terraform which is later than the required version (0.12.17) specified in our configuration. How can I downgrade to that earlier version? My system is Linux Ubuntu 18.04.
As long as you are in linux, do the following in the terminal:
rm -r $(which terraform)
Install the previous version:
wget https://releases.hashicorp.com/terraform/1.3.4/terraform_1.3.4_linux_amd64.zip
unzip terraform_1.3.4_linux_amd64.zip
mv terraform /usr/local/bin/terraform
terraform --version
That's it, my friend.
EDIT: I've assumed people now use v1.3.5 so the previous version is v1.3.4.
You could also checkout Terraform Switcher - this will allow you to switch between different versions easily.
First, download latest package information using:
sudo apt-get update
The simplest way to downgrade is to use apt-get to install the required version - this will automatically perform a downgrade:
Show a list of available versions - sudo apt list -a terraform
terraform/xenial 0.13.5 amd64
terraform/xenial 0.13.4-2 amd64
... etc
or use sudo apt policy terraform to list available versions
Install the desired version:
sudo apt-get install terraform=0.14.5
Or, for a 'clean' approach, remove the existing version before installing the desired version:
sudo apt remove terraform
There are other valid answers here. This may be useful if you have a situation, like I do, where you need multiple Terraform versions during a migration from an old version to a new version.
I use tfenv for that:
https://github.com/tfutils/tfenv
It provides a modified terraform script that does a lookup of the correct terraform executable based on a default or based on the closest .terraform-version file in the directory or parent directories. This allows us to use a version of Terraform 0.12 for our migrated stuff and keep Terraform 0.11 for our legacy stuff.
You shouldn't be installing terraform in ubuntu any more. Generally speaking, the industry has moved on to docker now. You can install docker like this:
sudo apt install -y curl
curl -LSs get.docker.com | sh
sudo groupadd docker
sudo usermod -aG docker $USER
Once installed you can run terraform like this:
docker run -v $PWD:/work -w /work -v ~/.aws:/root/.aws hashicorp/terraform:0.12.17 init
Assuming that your .aws directory contains your aws credentials. If not, you can leave that mount binding (-v ~/.aws:/root/.aws) out of the command and it'll work with whatever scheme you choose to use. You can change the version of terraform you are using with ease, without installing anything.
There are significant benefits in this approach over the accepted answer. First is the ease of versioning. If you have installed terraform using a package manager you can either uninstall it and install the version you need, or you can play around with Linux alternatives (if your distro supports them, or you are using Linux, or a package manager of some sort -- you could be using Windows and have downloaded and run an installer). Of course, this might be a one-off thing, in which case you do it once and you're ok forever, but in my experience, that isn't often the case as most teams are required to update versions due to security controls, and those teams that aren't required to regularly update software probably should be.
If this isn't a one-off thing, or you'd not like to play around too much with versioning then you could just download the binary, as one comment on this post points out. It's pretty easy to come up with a scheme of directories for each version, or just delete the one you're using and replace it completely. This may suit your use-case pretty well. Go to the appropriate website (I've forgotten which one -- Hashicorp or the GitHub repo's releases page, you can always search for it, though that takes time too -- which is my point) and find the right version and download it.
Or, you can just type docker run hashicorp/terraform:0.12.17 and the right version will be automagically pulled for you from a preconfigured online trusted repo.
So, installing new versions is easier, and of course, docker will run the checksum for you, and will also have scanned the image for vulnerabilities and reported the results back to the developers. Of course, you can do all of this yourself, because as the comment on this answer states, it's just a statically compiled binary, so no hassle just install it and go.
Only it still isn't that easy. Another benefit would be the ease in which you could incorporate the containerised version into docker-compose configurations, or run it in K8S. Again, you may not need this capability, but given that the industry is moving that way, you can learn to do it using the standardised tools now and apply that knowledge everywhere, or you can learn a different technique to install every single tool you use now (get some from GitHub releases and copy the binary, others you should use the package manager, others you should download, unzip, and install, still others should be installed from the vendor website using an installer, etc. etc. etc.). Or, you can just learn how to do it with docker and apply the same trick to everything. The vast of modern tools and software are now packaged in this 'standard' manner. That's the point of containers really -- standardisation. A single approach more-or-less fits everything.
So, you get a standardised approach that fits most modern software, extra security, and easier versioning, and this all works almost exactly the same way no matter which operating system you're running on (almost -- it does cover Linux, windows, osx, raspbian, etc.).
There are other benefits around security other than those specifically mentioned here, that apply in an enterprise environment, but I don't have time to go into a lot of detail here, but if you were interested you could look at things like Aqua and Prisma Cloud Compute. And of course you also have the possibility of extending the base hashicorp/terraform container and adding in your favourite defaults.
Personally, I have no choice in work but to run windows (without wsl), but I am allowed to run docker, so I have a 'swiss army knife' container with aliases to run other containers through the shared docker socket. This means that I get as close to a real Linux environment as possible while running windows. I dispose of my work container regularly, and wouldn't want to rebuild it whenever I change the version of a tool that I'm using, so I use an alias against the latest version of those tools, and new versions are automatically pulled into my workspace. If that breaks when I'm doing, then I can specify a version in the alias and continue working until I'm ready to upgrade. If I need to downgrade a tool when I'm working on somebody else's code I just change the alias again and everything works with the old version. It seems to me that this workflow is the easiest I've ever used, and I've been doing this for 35 years.
I think that docker and this approach to engineering is simpler, cleaner, and more secure than any that has come before it. I strongly recommend that everyone try it.
I am trying to just set a repo in Ubuntu that is not centrally managed repo. In the past I worked on CentOS at work and would just use the yumrepo resource definition to do this. But, now I'm in an Ubuntu shop and that won't work. The Puppet docs say I need to use dpkg to do this, but I cannot find anything in the docs over dpkg, only yumrepo. I'm a tad confused and would appreciate someone clearing this up. Seems like it shouldn't be hard and it also seems like something I shouldn't have to install a third party module for, but that's the only solution I've seen people recommending online and that's just not an option for me. Thanks.
Puppet has a supported module puppetlabs/apt that you should use on Ubuntu Linux. Also, as noted in the Puppet 6 release notes, the yumrepo type has also moved to an external module now, which has resolved the inconsistency you alluded to in the way Red Hat was previously treated as more of a first-class citizen in the Puppet ecosystem, which was never really the intention.
This creates a Debian repository using the apt class pointing to any server you want, local or remote:
apt::source {
"$lsbdistcodename":
include_src => false,
location => "http://10.0.0.8/debian/$lsbdistcodename",
repos => "main contrib non-free",
;
}
I'm fairly new to puppet and I want to install a puppet module not using the puppet forge.
I have a page similar to the puppet forge where I keep my modules. I have 2 instances one is a Linux server so I can ssh into, and one is can work from remotely.
I have used git clone to make a branch, and I have copied the module i want into a folder inside that branch. How do I install the module into my Linux server?
When I ssh into my linux instance I get this message
puppet module list --tree
/opt/puppet/share/puppet/modules (no modules installed)
If you want to write your own modules and then use them on your own servers,
follow the guidelines in https://docs.puppetlabs.com/puppet/latest/reference/modules_fundamentals.html
In particular the puppet module generate is good for getting started with a skeleton. Use the files in the skeleton (Modulefile, manifests etc) to build a tar ball then refer to https://docs.puppetlabs.com/puppet/latest/reference/modules_installing.html#installing-from-a-release-tarball to install the tarball
We have a puppetmaster and an agent machine I'm configuring from it, via the puppet agent -t command.
On this agent machine (an Ubuntu box) I need the bc (base calculator) command installed when it's built. Right now that's not the case.
There appears to be a module for it on the forge (https://forge.puppetlabs.com/rfletcher/bc/readme) but I'm fairly new to puppet and am not sure how to set things up so that when the Ubuntu box is spun up this module is installed?
I'm going over the agent docs but am still learning about how agents communicate with puppetmasters. I'm hoping for a nudge on what to do to make sure this command is installed on my agent when all is said and done (stick something in a manifest somewhere most likely?)
So you are asking how to use forge modules in puppet. My first suggestion is, read the relative documents as more as possible, all in Puppet Forge
If you need get quick start, here are something you can try.
login puppet master
cd to puppet module folder
puppet module install rfletcher-bc
mv rfletcher-bc bc
then find the node pp file (normally it should be init.pp) to add below line:
include bc
I didn't have your environment, and not sure which pp file will be targeted.